[jira] Commented: (KARAF-188) Provide commands to manage users, passwords and roles
[ https://issues.apache.org/jira/browse/KARAF-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12935684#action_12935684 ] Achim Nierbeck commented on KARAF-188: -- I agree with Guillaume, concerning the pax UserAdmin stuff, as far as I did realize from the architecture description a JAAS as underlying provider could be attached to the service. > Provide commands to manage users, passwords and roles > - > > Key: KARAF-188 > URL: https://issues.apache.org/jira/browse/KARAF-188 > Project: Karaf > Issue Type: New Feature >Reporter: Guillaume Nodet >Assignee: Ioannis Canellos > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (KARAF-188) Provide commands to manage users, passwords and roles
[ https://issues.apache.org/jira/browse/KARAF-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12935665#action_12935665 ] Guillaume Nodet commented on KARAF-188: --- The point is that the UserAdmin is a standard OSGi service, so even if I haven't had any need for it, some people may want to use it, as it's a standard way to modify users / roles. I think we should have the UserAdmin on top of JAAS if there's a need to provide a UserAdmin, but I'm not sure how much of pax implementation we could reuse for that. But I think that's a separate issue. I think the commands are valuable and we could always refactor them on top of the UserAdmin if we ever have an implementation linked to JAAS. > Provide commands to manage users, passwords and roles > - > > Key: KARAF-188 > URL: https://issues.apache.org/jira/browse/KARAF-188 > Project: Karaf > Issue Type: New Feature >Reporter: Guillaume Nodet >Assignee: Ioannis Canellos > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (KARAF-188) Provide commands to manage users, passwords and roles
[ https://issues.apache.org/jira/browse/KARAF-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12935662#action_12935662 ] Ioannis Canellos commented on KARAF-188: I think that since karaf uses jaas, there is no point in using the user admin service. > Provide commands to manage users, passwords and roles > - > > Key: KARAF-188 > URL: https://issues.apache.org/jira/browse/KARAF-188 > Project: Karaf > Issue Type: New Feature >Reporter: Guillaume Nodet >Assignee: Ioannis Canellos > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (KARAF-188) Provide commands to manage users, passwords and roles
[ https://issues.apache.org/jira/browse/KARAF-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12935520#action_12935520 ] Achim Nierbeck commented on KARAF-188: -- A little side note from me, could this not be handled through a osgi user admin service? There is a little pax implementation around http://www.ops4j.org/projects/pax/useradmin/ I was thinking about this the other day, while discussing the jaas feature with a colleague of mine. > Provide commands to manage users, passwords and roles > - > > Key: KARAF-188 > URL: https://issues.apache.org/jira/browse/KARAF-188 > Project: Karaf > Issue Type: New Feature >Reporter: Guillaume Nodet >Assignee: Ioannis Canellos > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (KARAF-188) Provide commands to manage users, passwords and roles
[ https://issues.apache.org/jira/browse/KARAF-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12928729#action_12928729 ] Ioannis Canellos commented on KARAF-188: I added jaas:list and jaas:userlist. The command jaas:userdel, is already added. The only missing command is jaas:passwd (jaas:useradd changes password if user already exists), so I don't know if we should add jaas:passwd. Since this was quite a big issue most probably there will be changes, fixes so I am leaving it open for now. > Provide commands to manage users, passwords and roles > - > > Key: KARAF-188 > URL: https://issues.apache.org/jira/browse/KARAF-188 > Project: Karaf > Issue Type: New Feature >Reporter: Guillaume Nodet >Assignee: Ioannis Canellos > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (KARAF-188) Provide commands to manage users, passwords and roles
[ https://issues.apache.org/jira/browse/KARAF-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12926979#action_12926979 ] Guillaume Nodet commented on KARAF-188: --- I also think we should have a userdel command to delete a user. > Provide commands to manage users, passwords and roles > - > > Key: KARAF-188 > URL: https://issues.apache.org/jira/browse/KARAF-188 > Project: Karaf > Issue Type: New Feature >Reporter: Guillaume Nodet >Assignee: Ioannis Canellos > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (KARAF-188) Provide commands to manage users, passwords and roles
[ https://issues.apache.org/jira/browse/KARAF-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12926978#action_12926978 ] Guillaume Nodet commented on KARAF-188: --- I don't think password should be displayed. > Provide commands to manage users, passwords and roles > - > > Key: KARAF-188 > URL: https://issues.apache.org/jira/browse/KARAF-188 > Project: Karaf > Issue Type: New Feature >Reporter: Guillaume Nodet >Assignee: Ioannis Canellos > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (KARAF-188) Provide commands to manage users, passwords and roles
[ https://issues.apache.org/jira/browse/KARAF-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12926958#action_12926958 ] Ioannis Canellos commented on KARAF-188: I will add the following commands: jaas:list - A command that will list all realms/modules. jaas:listusers - A command that will list all users / roles of the current realm (I am not sure about passwords). > Provide commands to manage users, passwords and roles > - > > Key: KARAF-188 > URL: https://issues.apache.org/jira/browse/KARAF-188 > Project: Karaf > Issue Type: New Feature >Reporter: Guillaume Nodet >Assignee: Ioannis Canellos > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (KARAF-188) Provide commands to manage users, passwords and roles
[ https://issues.apache.org/jira/browse/KARAF-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12926868#action_12926868 ] Guillaume Nodet commented on KARAF-188: --- I think there's a big problem in that there's no way to actually see the realm, users and roles. You need to actually know the exact state to make some modifications. For example, using the config:list command, you can actually see all the configs, then you have config:proplist to see the properties for the config managed. > Provide commands to manage users, passwords and roles > - > > Key: KARAF-188 > URL: https://issues.apache.org/jira/browse/KARAF-188 > Project: Karaf > Issue Type: New Feature >Reporter: Guillaume Nodet >Assignee: Ioannis Canellos > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (KARAF-188) Provide commands to manage users, passwords and roles
[ https://issues.apache.org/jira/browse/KARAF-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12926305#action_12926305 ] Ioannis Canellos commented on KARAF-188: I committed the commands which work as described above. The commands are not tightly coupled to the LoginModule. The commands use the "BackingEngine" which is the execution environment of the commands for each LoginModule. The commit contains backing engines for all the current modules (property & jdbc). I will keep the issue open for, suggestions, feedback etc. > Provide commands to manage users, passwords and roles > - > > Key: KARAF-188 > URL: https://issues.apache.org/jira/browse/KARAF-188 > Project: Karaf > Issue Type: New Feature >Reporter: Guillaume Nodet >Assignee: Ioannis Canellos > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (KARAF-188) Provide commands to manage users, passwords and roles
[ https://issues.apache.org/jira/browse/KARAF-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12907127#action_12907127 ] Jean-Baptiste Onofré commented on KARAF-188: I think that the jass:useradd and jaas:passwd should get the encryption from the LoginModule crypt attribute by default. > Provide commands to manage users, passwords and roles > - > > Key: KARAF-188 > URL: https://issues.apache.org/jira/browse/KARAF-188 > Project: Karaf > Issue Type: New Feature >Reporter: Guillaume Nodet > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
[jira] Commented: (KARAF-188) Provide commands to manage users, passwords and roles
[ https://issues.apache.org/jira/browse/KARAF-188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12907124#action_12907124 ] Ioannis Canellos commented on KARAF-188: It could work like the config command: ka...@root> jaas:manage ka...@root> jaas:useradd (with optional arguments that could control encryption?) ka...@root> jaas:passwd (with optional arguments that could control encryption?) ka...@root> jaas:roleadd ka...@root> jaas:roledel ka...@root> jaas:list ka...@root> jaas:cancel ka...@root> jaas:update This way the user management would be independent to the underlying backing engine. For this to happen we will either need that logic implemented inside the login module, or we will need to specify for each jaas config a the useradmin service implementation specific to the backing engine (not 100% sure if this covers all the needs). > Provide commands to manage users, passwords and roles > - > > Key: KARAF-188 > URL: https://issues.apache.org/jira/browse/KARAF-188 > Project: Karaf > Issue Type: New Feature >Reporter: Guillaume Nodet > -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.
